Hackers found a new way to slip malware past your defenses

Researchers around the world have spotted a curious new campaign designed to scare victims by sending them emails warning of copyright infringement.

The email begins by warning that the recipient's website is hosting copyright-protected content and threatens legal action if the offending material isn't removed immediately.

The red flag here is that rather than simply spelling out what materials are copyright protected in the body of the email, the attackers include a ZIP protected archive file which supposedly provides the details.

 

A clever piece of social engineering

Naturally, anyone who gets scared into opening the archive will not find any details. Rather, they will have inadvertently opened the door to allow LockBit 2.0 ransomware to be installed on their machine.

Worse, if that machine happens to be connected to your corporate network, the malware will spread laterally from there while infecting and locking files on as many devices as it can manage.

It's a clever bit of social engineering.  Nobody wants to run afoul of copyrights, so the hackers are playing on common fears and the current campaign is well organized.  Not only are the emails slickly put together, but the hackers are using one of the most prolific ransomware strains out there.

You're probably not actually displaying copyrighted materials on your website. Even if you were, the content in question would be mentioned prominently in the body of whatever email you got from the owner of the copyright.

 

My perspective

Be sure your staff is aware of the current campaign.  Once someone opens the archive, it's too late and your company will probably be facing some downtime, not to mention the loss of trust you'll suffer.  It's just not worth the risk.

 

Hill Street Blues' Sgt. Esterhaus always advised:
Hey, let's be careful out there!

 


By Denis Wilson

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this post. I always take into mind that your time and attention are precious. And these posts need to be timely, to the point, and short.

For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter

I am also a published author and speaker on cloud computing, work-at-home, and cybersecurity. I work extensively with business and professional associations to provide free small business technology education programs.

 

Contact me if you would like me to speak to your association